Created
September 14, 2019 22:23
-
-
Save ranganathanm/f093a5ae36cbf379cdc011b2151b0479 to your computer and use it in GitHub Desktop.
EAP-TLS on mininet-wifi
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
'This example shows how to work with authentication' | |
from mininet.log import setLogLevel, info | |
from mn_wifi.cli import CLI_wifi | |
from mn_wifi.net import Mininet_wifi | |
import time | |
import os | |
import os.path | |
from os import path | |
def topology(): | |
"Create a network." | |
net = Mininet_wifi() | |
#setLogLevel('debug') | |
info("*** Creating nodes\n") | |
#'key_mgmt=NONE WPA-EAP IEEE8021X,' | |
sta1 = net.addStation('sta1', | |
wpasup_flags='-dd -f /tmp/debug1.txt > /tmp/foo1', | |
encrypt='wpa2', | |
eapol_version=2 , | |
config= \ | |
'key_mgmt=WPA-EAP,' | |
'identity="mranga@nist.gov",' | |
'ssid="simplewifi",' | |
'eap=TLS,' | |
'scan_ssid=1,' | |
'ca_cert="/home/mranga/certs/ca.crt",' | |
'client_cert="/home/mranga/certs/client.crt",' | |
'private_key="/home/mranga/certs/client.key"') | |
sta2 = net.addStation('sta2', | |
wpasup_flags='-dd -f /tmp/debug2.txt > /tmp/foo2', | |
encrypt='wpa2', | |
config= \ | |
'key_mgmt=WPA-EAP,' | |
'scan_ssid=1,' | |
'identity="mranga@nist.gov",' | |
'eap=TLS,' | |
'ssid="simplewifi",' | |
'ca_cert="/home/mranga/certs/ca.crt",' | |
'client_cert="/home/mranga/certs/client.crt",' | |
'private_key="/home/mranga/certs/client.key"') | |
ap1 = net.addAccessPoint('ap1', | |
ssid="simplewifi", | |
hostapd_flags='-dd > /tmp/hostapd.txt', | |
mode="g", channel="1", | |
failMode="standalone", datapath='user', | |
config='eap_server=1,' | |
'ieee8021x=1,' | |
'wpa=2,' | |
'eap_message=howdy,' | |
'eapol_version=2,' | |
'wpa_key_mgmt=WPA-EAP,' | |
'logger_syslog=-1,' | |
'logger_syslog_level=0,' | |
'ca_cert=/home/mranga/certs/ca.crt,' | |
'server_cert=/home/mranga/certs/server.crt,' | |
'private_key=/home/mranga/certs/server.key,' | |
'eap_user_file=/home/mranga/experiments/eap_users',isolate_clients=True) | |
info("*** Configuring wifi nodes\n") | |
net.configureWifiNodes() | |
info("*** Associating Stations\n") | |
net.addLink(sta1, ap1) | |
net.addLink(sta2, ap1) | |
info("*** Starting network\n") | |
net.build() | |
ap1.start([]) | |
info("*** Running CLI\n") | |
# For wireless isolation hack. | |
ap1.cmdPrint('ovs-ofctl add-flow ap1 "priority=10,actions=in_port,normal"') | |
CLI_wifi(net) | |
info("*** Stopping network\n") | |
net.stop() | |
if __name__ == '__main__': | |
if path.exists("/tmp/debug1.txt") : | |
os.remove("/tmp/debug1.txt") | |
if path.exists("/tmp/debug2.txt") : | |
os.remove("/tmp/debug2.txt") | |
if path.exists("/tmp/hostapd.txt") : | |
os.remove("/tmp/hostapd.txt") | |
setLogLevel('info') | |
topology() | |
1,1 Top |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment